This undated GCHQ presentation explains the agency’s FLYING PIG database and its role in undermining SSL/TLS encryption: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

This CSEC presentation from 2012 outlines the agency’s capabilities against SSL encryption at that point: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

This NSA summary of a talk presented at the 2012 TCB Jamboree describes a Sandia National Laboratories approach to attacking Apple technology using compromised developer tools: see the Intercept article iSpy: The CIA Campaign to Steal Apple’s Secrets, 10 March 2015.

This undated presentation from NSA’s Digital Network Crypt Applications (DNCA) concerns the GALLANTWAVE tool, which decrypts VPN traffic within LONGHAUL: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

This undated presentation from GCHQ’s PTD (Penetrating Target Defences) unit gives an overview of BULLRUN efforts to defeat encryption: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

﻿TOP SECRET STRAP1
BULLRUN
PTD Lead for Special Operations and Policy
PTD "We penetrate targets' defences."
This information is exempt from disclosure under the Freedom of Information A...

This undated GCHQ document provides a classification guide for BULLRUN – NSA and GCHQ’s attempts to weaken or defeat cryptographic protocols – and specifies some of its achievements: see the ProPublica article Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security, 5 September 2013.

This extract from a GCHQ document dated 9 March 2011 describes WOLFRAMITE, an agency project to defeat the A5/3 GSM cipher: see the Intercept article Operation Auroragold: How the NSA Hacks Cellphone Networks Worldwide, 4 December 2014.

This undated NSA presentation from the agency’s Information Technology Directorate, aimed at analysts, describes techniques for decrypting IPSec VPN traffic: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

This undated GCHQ presentation proposes a deanonymisation attack against Tor users based on the collection of data from exit nodes owned by the agency: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

﻿UK TOP SECRET STRAP1 COMINT
A potential technique to deanonymise
users of the TOR network
OPC-MCR, GCHQ
This information is exempt from disclosure under the Freedom of Information Act 20...

This undated NSA presentation, written by the author of ‘I hunt sys admins’, outlines tactics for tracking users of Tor and other anonymising technologies: see the Intercept article The Hunter, 28 June 2016.

﻿TOP SECRET//COMINT//RELTO USA, FVEY
Tracking Targets Through Proxies
& Anonymizers (and the air speed
velocity of an unladen swallow)
Also known as: I I I PaAatasvoaus
TOP SECRET//COM...

This extract from the US intelligence community’s 2013 Congressional Budget Justification shows expenditure on the Analysis of Target Systems project, which aims to defeat the encryption in commercial software and hardware: see the Intercept article iSpy: The CIA Campaign to Steal Apple’s Secrets, 10 March 2015.

This 40-page NSA presentation for the June 2012 SIGDEV conference includes a ranking of cryptographic protocols in order of ‘risk’ the they pose to the agency’s operations: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

A joint US Navy and NSA report, prepared three months after a US spy plane was forced to crash land in China, assesses the degree to which surveillance secrets were compromised: see the Intercept article Burn After Reading: Snowden Documents Reveal Scope of Secrets Exposed to China in 2001 Spy Plane Incident, 10 April 2017. […]

TOP SECRET//COMINT//NOFORN//X1
EP-3E Collision:
Cryptologic Damage Assessment
and Incident Review
Final Report
Prepared by the
EP-3 Cryptologic Assessment Team
July 2001
Classifie...

This undated page from NSA’s internal WikiInfo describes the Transform Engine Emulator (TEe) process for undermining VPNs: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

This 13 September 2010 presentation from the NSA’s OTP VPN Exploitation Team explains the work of the division: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

This undated page from GCHQ’s internal GCWiki gives an indication of the agency’s thinking on the feasibility of Tor deanonymisation attacks: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

This undated PRISM intercept from the NSA suggests the agency was unable to decrypt the content of an OTR-encrypted chat session: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

This September 2008 newsletter from the National Information Assurance Research Laboratory (NIARL), an unit within the NSA’s Research Directorate gives an indication of the agency’s progress with cryptanalysis – which, with “only a handful of in-house techniques” – appears to be modest: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet […]

﻿TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20320108
September 2008 Edition
■ (U) Message from the NIARL Director:
(U//FOUO) Welcome to the September 2008 edition of the National
...

This NSA classification guide dated 1 February 2010 details the sensitivity of particular aspects of the joint NSA/Department of Defense Crytographic Modernization Program: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.

This document dated 20 January 2011 provides the research agenda for a joint NSA/GCHQ group tasked with developing “a sound understanding of the threat that encryption brings to our ability to do target discovery/development as well as devising mitigations”: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December […]